Debian:libx11: fix missed dependency of libx11

Upgrade libx11 to the version that CVE-2023-3138 have been fixed: 'libx11-dev_2:1.7.2-1_amd64.deb to libx11-dev_2:1.7.2-1+deb11u1_amd64.deb' 'libx11-xcb1_2:1.7.2-1_all.deb to libx11-xcb1_2:1.7.2-1+deb11u1_amd64.deb' This commit provides the URL of the package in base-bullseye.lst to fix missed dependency of libx11. For both libx11-dev and libx11-xcb1 depend libx11-6, after libx11-6 is upgraded, they also need be upgraded too. (Refer to https://nvd.nist.gov/vuln/detail/CVE-2023-3138) Test plan: PASS: build-pkgs --clean --all && build-image Closes-bug: 2025014 Change-Id: Icd36ac2661ae57609eabd2aba228e830173a0207 Signed-off-by: Peng Zhang <Peng.Zhang2@windriver.com>
2023-07-12 15:32:08 +08:00 · 2023-07-12 15:32:08 +08:00 · cf6a9bc243
commit cf6a9bc243
parent 0573d689b7
1 changed files with 2 additions and 0 deletions
--- a/debian-mirror-tools/config/debian/common/base-bullseye.lst
+++ b/debian-mirror-tools/config/debian/common/base-bullseye.lst
@ -712,6 +712,8 @@ libwiretap-dev  3.4.10-0+deb11u1
 libwrap0  7.6.q-31
 libx11-6  2:1.7.2-1+deb11u1 https://snapshot.debian.org/archive/debian-security/20230621T092836Z/pool/updates/main/libx/libx11/libx11-6_1.7.2-1%2Bdeb11u1_amd64.deb
 libx11-data  2:1.7.2-1+deb11u1 https://snapshot.debian.org/archive/debian-security/20230621T092836Z/pool/updates/main/libx/libx11/libx11-data_1.7.2-1%2Bdeb11u1_all.deb
 libx11-dev  2:1.7.2-1+deb11u1 https://snapshot.debian.org/archive/debian-security/20230621T092836Z/pool/updates/main/libx/libx11/libx11-dev_1.7.2-1%2Bdeb11u1_amd64.deb
 libx11-xcb1  2:1.7.2-1+deb11u1 https://snapshot.debian.org/archive/debian-security/20230621T092836Z/pool/updates/main/libx/libx11/libx11-xcb1_1.7.2-1%2Bdeb11u1_amd64.deb
 libxau6  1:1.0.9-1
 libxcb1  1.14-3
 libxcb-render0  1.14-3